Autor: Alan J. Flavell Datum: To: Dennis Davis CC: Exim users list Betreff: Re: [Exim] Idea to slow down spammers
On Wed, 30 Apr 2003, Dennis Davis wrote:
> You can try to guard against this by setting
> smtp_accept_max_per_host to a reasonably small value in the main
> configuration section. I do this here. It can also help to contain
> "bursty" mailing list fanout hitting your servers. In particular
> EZLM (qmail) mailing lists tend to do this as they use VERP. So
> each message arrives with just one recipient.
Right, but the dictionary scanners that I'm thinking of seem to have a
rolling list of hundreds of open proxies which they use. As soon as
our mailer spots the pattern, it drops those IPs one by one into a
local blacklist, and by that means we've collected nearly two thousand
such IPs so far this year alone.
If they're exploiting a fresh open proxy for each attempt (and it
seems there's an effectively unlimited supply of such loopholes on the
internet), then it seems to me that they could still achieve denial of
service on us, despite the setting of smtp_accept_max_per_host.